|
302401
|
- |
|
bitweaver
|
bitweaver
|
Directory traversal vulnerability in wiki/rankings.php in Bitweaver 2.7 and 2.8.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the style parameter.
|
CWE-22
Path Traversal
|
CVE-2010-5086
|
2024-11-21 10:22 |
2012-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302402
|
- |
|
hulihanapplications
|
amethyst
|
Multiple cross-site request forgery (CSRF) vulnerabilities in admin/update_user in Hulihan Amethyst 0.1.5, and possibly earlier, allow remote attackers to hijack the authentication of administrators …
|
CWE-352
Origin Validation Error
|
CVE-2010-5085
|
2024-11-21 10:22 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302403
|
- |
|
e107
|
e107
|
The cross-site request forgery (CSRF) protection mechanism in e107 before 0.7.23 uses a predictable random token based on the creation date of the administrator account, which allows remote attackers…
|
CWE-352
Origin Validation Error
|
CVE-2010-5084
|
2024-11-21 10:22 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302404
|
- |
|
phpnuke
|
web_links_module
php-nuke
|
SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the url parameter in an Add action to modules.php.
|
CWE-89
SQL Injection
|
CVE-2010-5083
|
2024-11-21 10:22 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302405
|
- |
|
microsoft
|
windows_server_2008
|
Untrusted search path vulnerability in colorcpl.exe 6.0.6000.16386 in the Color Control Panel in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 allows local users to gain privileges via a Trojan h…
|
NVD-CWE-Other
|
CVE-2010-5082
|
2024-11-21 10:22 |
2012-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302406
|
- |
|
mini-stream
|
rm-mp3_converter
|
Stack-based buffer overflow in Mini-Stream RM-MP3 Converter 3.1.2.1 allows remote attackers to execute arbitrary code via a long URL in a .pls file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-5081
|
2024-11-21 10:22 |
2011-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302407
|
- |
|
mozilla
|
firefox
thunderbird
seamonkey
|
The layout engine in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 executes different code for visited and unvisited links during the processing of Cascading Style Shee…
|
CWE-362
Race Condition
|
CVE-2010-5074
|
2024-11-21 10:22 |
2011-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302408
|
- |
|
google
|
chrome
|
The JavaScript implementation in Google Chrome 4 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-5073
|
2024-11-21 10:22 |
2011-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302409
|
- |
|
opera
|
opera_browser
|
The JavaScript implementation in Opera 10.5 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-5072
|
2024-11-21 10:22 |
2011-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302410
|
- |
|
microsoft
|
internet_explorer
ie
|
The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-5071
|
2024-11-21 10:22 |
2011-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
